IT Security Critical for Digital Transformation: Study

by CXOtoday News Desk    Nov 24, 2016


CA Technologies finds out in a global study that security plays a significant role in any business.87 percent firms in Asia Pacific & Japan (APJ) accept that security ensures superior business performance and indicate direct revenue growth enabling them to venture into new markets and deliver services in new ways.

The study interviewed 1,770 senior business and IT executives, of which more than 100 are chief security officers and chief information security officers. Around 800 of the respondents were from countries in the APJ region, including Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Singapore, South Korea and Thailand.

Majority of the respondents believe that IT security, specifically identity-centric security, has a greater role to play than just protect the business in a complex environment – it helps build trusted digital relationships that are critical for competing in the application economy and growing the business.

Some Findings of the Study:

According to the study, 87 percent of respondents said that there is a need to balance strong security with enabling their business to enter new markets and deliver services in new ways. Eigty five percent said that identity-centric security is critical to the business. Almost an equal percent said that security needs to be frictionless and not over burden the user and that security is critical to protecting the brand and can be viewed as a competitive differentiator; and

More than 70 percent of respondents are using metrics such as digital reach, operational or process efficiency, business growth, customer satisfaction, and a number of compliance audit failures.

“For digital businesses to thrive in the application economy, they need to drive new business models and participate in new connected eco-systems of value,” said Stephen Miles, chief technology officer, APJ, CA Technologies. “A good identity-centric security strategy enables a business to accelerate that objective with the confidence that great customer experiences are delivered, whilst mitigating risks and protecting the business. To ensure a successful digital journey, identity-centric security needs to be incorporated at the start as a core technology enabler rather than bolted on as an IT afterthought.” 

Advanced Use of Identity-Centric Security

The study also examined respondents’ current security postures in three areas of identity-centric security: the end-user experience, identity and access management, and data breaches. This information allowed CA and Coleman Parkes, who conducted the study, to create a maturity model for identity-centric security, categorizing respondents as advanced, basic or limited.

Overall, the APJ results categorized majority of respondents as basic users of identity-centric security (64 percent), with a focus on core capabilities such as password management, single sign-on and some analysis and reporting. 28 percent were categorized as advanced users, engaging in capabilities such as adaptive security and behavior analytics, and consistent omni-channel security support.

While all users in APJ saw improvements in their business from security initiatives, the survey showed that advanced users generally reported more significant results especially in areas of customer experience, business operations and security.

 Over a period, most advanced users of identity-centric security in APJ have experienced a decline in breaches have been much more proactive in preventing them through increased investment; focusing on mobile devices and apps; implementing strong set-up authentication and focusing on high-risk areas like privileged identities and access.